Last modified: 2011-12-20 19:21:47 UTC
Currently, when you first create an account, you don't get logged into non-WMF projects. You have to log out and log back in again to be logged in globally. This is very non-intuitive behavior. One of the consequences is that, when a user first signs up and tries to upload a file, they hit a "You have to log in" warning on Commons -- even though they already have an account. The user should be logged in globally immediately, i.e. the onUserLoginComplete hook probably should be run on successful account creation.
s/non-WMF projects/WMF projects with another domain name/
Hmm, this was always meant to work -- either it's a regression or nobody noticed for a few years. :)
Sam, could you take a look at this one?
(In reply to comment #2) > Hmm, this was always meant to work -- either it's a regression or nobody > noticed for a few years. :) Quick look at the code that is in the CentralAuthHooks::onUserLoginComplete hook... $inject_html .= '<div class="centralauth-login-box"><p>' . wfMsgExt( 'centralauth-login-progress', array( 'parsemag' ), $user->getName() ) . "</p>\n<p>"; foreach ( $wgCentralAuthAutoLoginWikis as $alt => $wiki ) { $data = array( 'userName' => $user->getName(), 'token' => $centralUser->getAuthToken(), 'remember' => $user->getOption( 'rememberpassword' ), 'wiki' => $wiki ); $loginToken = wfGenerateToken( $centralUser->getId() ); global $wgMemc; $wgMemc->set( CentralAuthUser::memcKey( 'login-token', $loginToken ), $data, 600 ); $wiki = WikiMap::getWiki( $wiki ); $url = wfAppendQuery( $wiki->getUrl( 'Special:AutoLogin' ), "token=$loginToken" ); $inject_html .= Xml::element( 'img', array( 'src' => $url, 'alt' => $alt, 'title' => $alt, 'width' => 20, 'height' => 20, 'style' => 'border: 1px solid #ccc;', ) ); } $inject_html .= '</p></div>'; Seemingly that needs refactoring out/duplicating to a subscriber to CentralAuthHooks::onAddNewAccount But we don't have an as "nice" way of injecting the HTML back
I looked at this a bit, and although I'm not sure, I suspect the issue is this check: if ( !$wgRequest->getCheck( 'wpCentralLogin' ) ) { // The user requested to log in just on this wiki return true; } Since the account creation page does not appear to have the wpCentralLogin checkbox. Changing it to something like this might fix the issue: if ( !$wgRequest->getCheck( 'wpCentralLogin' ) && !$wgRequest->getCheck( 'wpCreateaccount' ) ) { // The user requested to log in just on this wiki return true; } Apart from that the code looks valid to me; if I'm not mistaken the onUserLoginComplete method should be getting called on account creation. To many hooks and undocumented stuff to be sure without testing, which I'm not set up for, though.
(In reply to comment #5) > Apart from that the code looks valid to me; if I'm not mistaken the > onUserLoginComplete method should be getting called on account creation. To > many hooks and undocumented stuff to be sure without testing, which I'm not set > up for, though. Yup, UserLoginComplete hook is fired on UserSignup. I'd guess that your suggested fix should work...
This is indeed a regression, I'm guessing it broke around the time the "Also log me in to other wikis of the Wikimedia Foundation" checkbox was added in r75041, and the short circuit to exit was added... Hopefully fixed per Jeroen in r106801 Need to poke and verify
Yup, looks fine locally :)
Brion reverted the whole checkbox out in r106839
